package com.istock.union.controller.security;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;

import com.istock.base.common.api.model.ApiBaseResponse;
import com.istock.base.common.api.model.RetStatusEnum;
import com.istock.union.user.client.SSOClientUtils;
import com.istock.union.user.model.Constants;
import com.istock.union.user.model.OperLog;
import com.istock.union.user.model.SSOUser;
import com.istock.union.user.model.UpdatePasswordModel;
import com.istock.union.user.service.UserInfoService;

@Controller
@RequestMapping("/s/afterLogin")
public class ForceResetPasswdController {

	@Value("${sso.url.success}")
	private String loginSuccessUrl;
	@Autowired
	private UserInfoService userService;
	
	private static final Logger logger = LoggerFactory.getLogger(ForceResetPasswdController.class);
	
	@RequestMapping("/forceResetPwdPre")
	public String forceResetPwd(ModelMap model, Boolean expire) {
		return "afterLogin/forceResetPwd";
	}
	
	@RequestMapping("/forceResetPwd")
	@OperLog(functionName="强制重置密码",menuName="用户管理")
	public ApiBaseResponse<Boolean> forceResetPwdSave(ModelMap model, HttpServletRequest request, HttpServletResponse response, UpdatePasswordModel updateUser, boolean expire) {
		SSOUser user = SSOClientUtils.getInstance().findCurrentUser();
		if (StringUtils.isBlank(updateUser.getNewPassword())) {
			logger.warn("Param newPassword must not be blank, param : {}", updateUser);
			return new ApiBaseResponse<Boolean>(RetStatusEnum.FAIL,Constants.API_RESPONSE_FAIL_CODE, "密码不能为空" , false);
		}
		updateUser.setId(user.getUserId());
		userService.changePassword(updateUser.getId(), updateUser.getConfirmNewPassword());
		return new ApiBaseResponse<Boolean>(RetStatusEnum.SUCCESS,Constants.API_RESPONSE_SUCCESS_CODE, "修改密码成功" , true);
	}
}
